War law and humanitarian protection symbols in cyber space

(To Orazio Danilo Russo)

One grows up in military schools with the principle - moral, rather than juridical - never to attack anyone who, on the battlefield, wears the emblem of the red cross on a white background; and the same goes for the symbol of the crescent or the red crystal on the white roof of an ambulance, a building or a tent. These distinctive signs are the signifiers of the protection that international law accords to those people, vehicles and structures that take care of the sick, wounded and shipwrecked. Attacking them means violating the principle of humanity that must characterize the conduct of military operations.

We also know that it is not permissible to exploit those symbols for retaliatory actions against the enemy. Furthermore, it is well known in the military environment how dishonorable it is to exploit those distinctive signs to deceive the opponent: the perfidy - that is, the conduct of those who appeal, with the intention of deceiving them, to the good faith of an opponent to make them believe that they have the right to receive (or the obligation to grant) humanitarian protection - it's a war crime and always assumes a particularly despicable connotation.

Studies and research have been underway for some time to make these ethical and legal principles effective also in the cyber domain. It is in fact necessary to ensure that autonomous weapon systems are able to recognize humanitarian protection badges and that the related artificial intelligences preserve them from the effects of kinetic action, direct or indirect. And it is also necessary that cyber attack operations, such as the use of malware that spread in the computer architectures of the adversary, do not affect portions of networks, information systems and IT services serving health facilities or the logistic chain for the exfiltration of the wounded from the battlefield.

In the search for concrete measures to strengthen this protection in the cyber domain, the idea of ​​developing one is gaining ground computer marking, A kind of hash imprint, which digitally identifies humanitarian protection organizations. In this sense, a regulatory framework already exists today, which can be used to address the new digital identification needs: this is theannex 1 al first additional protocol to the Geneva Convention, which lists and regulates the electrical, radio and electronic signals recognized as emblems of medical and paramedical personnel operating in the theater.

The interactions of the academic world are stimulated, among other things, by the commendable action of the International Committee of the Red Cross in its relentless mission to spread knowledge of international humanitarian law applicable in armed conflict. At the moment the studies follow two main lines: the search for the most effective technical solution and the evaluation of the drawbacks and benefits of such a choice. In fact, the advantages of a prompt electronic recognition that avoids the “targeting” error or the indirect effects of IT impact operations is countered by the risk that the blatant digital identification stimulates the targeting by malicious actors; or facilitate the already mentioned, dishonorable, "fake" use of emblems with the purpose of deceiving the good faith of the opponent.

Obviously these risks and benefits have always been known in the world of the tangible: it is now a question of understanding whether the translation on the digital plane can cushion or on the contrary emphasize its negative effects, taking into account the large attack surfaces and the asymmetry characteristics that distinguish cyber attacks. It is in fact a fact under the eyes of all that the attack on the computer system, for example, of a field hospital can be activated from thousands of kilometers away with a laptop worth a few hundred euros.
To learn more:




Images: web / US DoD